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AMENDMENTS TO THE CLAIMS 

1 . (Original) A method for allocating a plurality of encryption keys according to a 
plurality of access authorization classes, said method comprising the steps of: 

setting an access authorization to at least one access point in advance; 
differentiating said encryption keys according to a plurality of access authorization 
types; and 

obtaining by at least one wireless station the differentiated encryption keys in advance. 

2. (Original) The method of claim 1, wherein the access authorization types include 
a class 1 that indicates access authorization to an access point to which the wireless 

station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 

3. (Original) The method of claim 1, further comprising a step of 

a wireless station desiring to communicate with an access point selecting from the 
plurality of encryption keys an encryption key corresponding to the access authorization to the 
access point and communicates data with the access point, wherein the wireless station has a 
plurality of encryption keys corresponding to access authorization types. 

4. (Original) A method for allocating one or more encryption keys according to a 
plurality of access authorization classes, comprising: 
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(a) a wireless station requesting an access point to perform authentication and the access 

point, which is requested to perform authentication, determining access authorization to the 
access point; 

(b) obtaining an encryption key and generating a shared key set including the obtained 
encryption keys in accordance with the determination result of step (a); 

(c) the wireless station requesting a LAN authentication server to perform authentication , 
and the LAN authentication server, which is requested to perform authentication, determining 
access authorization to an access point belonging to the LAN; 

(d) obtaining an encryption key and updating the shared key set by adding the encryption 
key to the shared key set in accordance with the determination result of step (c); 

(e) the wireless station requesting a WAN authentication server to perform authentication 
and the WAN authentication server, which is requested to perform authentication, determining 
access authorization to an access point belonging to the WAN; and 

(f) obtaining an encryption key and updating the shared key set by adding the encryption 
key to the shared key set in accordance with the determination result of step (e). 

5. (Original) The method of claim 4, wherein step (a) further comprises a step of the 
wireless station requesting an access point to perform authentication, and the access point which 
is requested to perform authentication determining whether or not access authorization to the 
access point corresponds to a class 1 , said class 1 indicating access authorization to an access 
point to which the wireless station is assigned. 

6. (Original) The method of claim 4, wherein step (c) further comprises the steps of: 

(cl) the LAN authentication server determining whether or not the access authorization to 
the access point corresponds to a class 2, said class 2 indicating access authorization to 
predetermined access points included in a LAN to which the wireless station belongs to; 

(c2) if a determination result of step (cl) indicates that the access authorization 
corresponds to said class 2, obtaining an encryption key of class 2, and determining whether or 



3 



Patent Application 
Attorney Docket No. 784-51 (SI-19122-US) 
not the access authorization corresponds to a class 3, said class3 indicating access authorization 

to all access points included in the LAN to which the wireless station belongs to; and 

(c3) if a determination result of step (c2) indicates that the access authorization 

corresponds to said class 3, obtaining an encryption key of class 3. 

7. (Original) The method of claim 6, wherein step (c2) further comprises the steps of: 
allocating a null encryption key if the determination result of step (cl) indicates that the 

access authorization does not correspond to said class 2; 

determining whether the access authorization corresponds to class 3; and 
allocating a null encryption key if a determination result indicates that the access 

authorization does not correspond to class 3. 

8. (Original) A roaming method for a wireless station using a plurality of encryption 
keys allocated according to a plurality of access authorization classes, said method comprising 
the steps of: 

(a) setting an access authorization to an access point in advance, differentiating said 
plurality of encryption keys according to a plurality of access authorization types and 

a wireless station obtaining in advance an encryption key set including the differentiated 
plurality of encryption keys for respective access points; 

(b) receiving a command to communicate with an access point not available for 
communication using an encryption key currently selected in the encryption key set; 

(c) determining an access authorization to the access point not available for 
communications; 

(d) selecting an encryption key from the encryption key set obtained in advance 
corresponding to the determined access authorization; and 

(e) using the selected encryption key to encrypt a transmission message and communicate 
with the access point not available for communication. 
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9. (Original) The method of claim 8, wherein the access authorization types of the 

encryption key set include 

a class 1 that indicates access authorization to an access point to which the wireless 
station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 

1 0. (Original) A computer readable medium having embodied thereon a program of 
instructions executable by a computer for performing the method of claim 4. 

1 1 . (Original) A computer readable medium having embodied thereon a program of 
instructions executable by a computer for the method of claim 8. 

12. (Original) An apparatus for allocating a plurality of encryption keys according to a 
plurality of access authorization classes, comprising: 

an access authorization determining unit for determining an access authorization class for 
communication between a wireless station from a plurality of wireless stations and an access 
point from a plurality of access points; 

an encryption key storing unit which stores said plurality of encryption keys according to 
said access authorization classes; and 

an encryption key allocation unit which reads an encryption key from the encryption key 
storing unit corresponding to a determination result of the access authorization determining unit 
and transfers a value of said encryption key to the wireless station. 

13. (Original) The apparatus of claim 12, wherein the access authorization classes include 
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a class 1 that indicates access authorization to an access point to which the wireless 

station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 

a class 3 that indicates access authorization to all access points included in the LAN to 
which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 
area network (WAN). 

14. (Currently Amended) A computer readable medium storing instructions which, when 
executed causes execution of a program implementing having e mbodi e d th e r e on a structure of a 
wireless data packet used for allocating encryption keys according to access authorization classes 
in a wireless network that comprises a wireless station and an access point, the medium structure 
comprising: 

a header of said data packet transmitted through the wireless network; 
an access authorization information storing field, which indicates access authorization for 
communication between the wireless station and the access point; 

an encrypted data field in which data contents to be transmitted are encrypted and stored; 

and 

an error correction field, which is used to correct data error. 

15. (Original) The computer readable medium of claim 14, wherein the access 
authorization information storing field comprises two bits and through possible combinations of 
the two bits, stores 

a class 1 that indicates access authorization to an access point to which the wireless 
station is assigned, 

a class 2 that indicates access authorization to predetermined access points included in a 
local area network (LAN) to which the wireless station is assigned, 



6 



Patent Application 
Attorney Docket No. 784-51 (SI-19122-US) 
a class 3 that indicates access authorization to all access points included in the LAN to 

which the wireless station is assigned, and 

a class 4 that indicates access authorization to multiple access points included in a wide 

area network (WAN). 
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